5d2625d538790299065be665c66e945e7e7f9089de3f60765ad21031accad160 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

5d2625d538790299065be665c66e945e7e7f9089de3f60765ad21031accad160
Size

882KB
MD5

ea16dfce8ca6fc89c5c2a539297f9e43
SHA1

2ca4213650aa3a5e35422f717ed406311d29fae8
SHA256

5d2625d538790299065be665c66e945e7e7f9089de3f60765ad21031accad160
SHA512

251bb3d421d9201b63693f31eea7841b8155fd92c360646959c637884e16ab100f987a3ed823e92398872c71aeef34d862314633eb6008346736430241316127
SSDEEP

24576:9LMyT2RzmUppyaOcp9LRH4/oPiA7Iv26pmc:9MyT2cmpLfCwPP7im

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
5d2625d538790299065be665c66e945e7e7f9089de3f60765ad21031accad160

Files

5d2625d538790299065be665c66e945e7e7f9089de3f60765ad21031accad160
.dll windows x86

0a550a4d1738e35739b8baed6a8e37ff

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

LoadLibraryA
GetProcAddress
VirtualAlloc
VirtualFree

winmm

midiStreamClose

ws2_32

closesocket

user32

IsDialogMessageA

gdi32

CreateRectRgn

winspool.drv

OpenPrinterA

comdlg32

GetSaveFileNameA

advapi32

RegCreateKeyExA

shell32

ShellExecuteA

ole32

CoUninitialize

oleaut32

VariantChangeType

comctl32

ImageList_GetIcon

Exports

Exports

ADC

Sections

CODE
Size: 849KB - Virtual size: 3.1MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 31KB - Virtual size: 32KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE